From: Jeffrey Carter <jeffrey.carter@boeing.com>
Subject: Re: Is strong typing worth the cost?
Date: Wed, 1 May 2002 16:32:21 GMT
Date: 2002-05-01T16:32:21+00:00 [thread overview]
Message-ID: <3CD01895.A2CD5F41@boeing.com> (raw)
In-Reply-To: Xns9201F90F50C5derekknosofcouk@62.253.162.108
What is the cost/benefit ratio of weak typing? In "Managing Software
Security Risks", Gary McGraw (IEEE Computer, 2002 April) says "Buffer
overflows have been causing serious security problems for decades and
now account for nearly half of all major security bugs resulting in CERT
Coordination Center (http://www.cert.org/) advisories.". Buffer
overflows result from the use of weakly typed languages that do not
automatically check array accesses against array bounds by developers
who do not manually perform such checks. About half of all major
security flaws would not exist if the software had been developed in a
strongly typed language.
I recall seeing, but can't now find, an article that put the worldwide
cost of crackers exploiting security flaws at $10G for a recent year.
The best I can find is http://www.statonline.com/technologies/facts.asp,
which says, "In 1998, 163 organizations reported losing $123.7 million
to computer security breaches, or about $759,000 per organization. (1999
CSI/FBI Report)". There need be only about 13,000 organizations
worldwide for the $10G figure to be correct.
That would put the cost of buffer overflows, a subset of weak typing, at
about $61M for 163 organizations in 1998, or about $330k/organization.
If the $10G figure is correct, the worldwide cost is about $5G/year. If
my memory is off by an order of magnitude, it would be $500M/year. All
of these figures represent a significant cost from a subset of weak
typing.
What is the benefit of weak typing? There appears to be none, which puts
the cost/benefit ratio for this instance of weak typing at or
approaching infinity.
One benefit of strong typing would be the elimination of about half of
all major security flaws, a significant benefit. The cost of obtaining
this benefit would have been small if an appropriate language choice had
been made for this software (remember that C and Pascal are
contemporaries, so it's not as if this technology was unknown when
networking software was developed). This is evidence that the
cost/benefit ratio of strong typing is smaller than the ratio for weak
typing.
--
Jeffrey Carter
next prev parent reply other threads:[~2002-05-01 16:32 UTC|newest]
Thread overview: 166+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-04-28 17:07 Is strong typing worth the cost? dmjones
2002-04-29 15:22 ` Ted Dennison
2002-04-29 15:53 ` Pat Rogers
2002-04-29 18:37 ` dmjones
2002-04-29 18:50 ` Pat Rogers
2002-04-29 19:00 ` Darren New
2002-04-30 11:50 ` Marc A. Criley
2002-04-30 13:24 ` dmjones
2002-04-30 15:03 ` Jim Rogers
2002-04-30 16:48 ` dmjones
2002-04-30 17:45 ` Marin David Condic
2002-05-01 21:36 ` Brian Gaffney
2002-04-30 18:20 ` tmoran
2002-04-30 19:00 ` Marin David Condic
2002-05-01 15:20 ` dmjones
2002-05-01 16:07 ` Marin David Condic
2002-05-02 5:00 ` Simon Wright
2002-05-02 7:55 ` Martin Dowie
2002-05-01 16:51 ` Darren New
2002-05-01 17:25 ` Marin David Condic
2002-05-02 16:09 ` Darren New
2002-05-03 13:46 ` Marin David Condic
2002-05-03 22:54 ` Darren New
2002-05-01 18:22 ` tmoran
2002-05-01 18:50 ` Marin David Condic
2002-05-01 20:30 ` Dan Andreatta
2002-05-01 21:47 ` Larry Kilgallen
2002-05-02 15:43 ` Wes Groleau
2002-04-30 19:01 ` Preben Randhol
2002-04-30 19:28 ` Preben Randhol
2002-04-30 20:20 ` Marin David Condic
2002-05-01 8:36 ` Pascal Obry
2002-05-01 11:50 ` Gary Scott
2002-05-01 13:39 ` Marin David Condic
2002-05-02 2:24 ` Darren New
2002-05-02 15:47 ` Wes Groleau
2002-05-02 16:37 ` Darren New
2002-05-02 19:59 ` Chad R. Meiners
2002-05-02 21:48 ` Darren New
2002-05-02 22:16 ` Wes Groleau
2002-05-02 23:52 ` Darren New
2002-05-03 0:17 ` Aidan Skinner
2002-05-03 0:31 ` Aidan Skinner
2002-05-03 15:10 ` Wes Groleau
2002-05-03 16:06 ` Darren New
2002-05-06 16:37 ` Wes Groleau
2002-05-06 17:40 ` Darren New
2002-05-07 2:06 ` tmoran
2002-05-07 15:21 ` Darren New
2002-05-07 19:11 ` Preben Randhol
2002-05-03 15:31 ` Wes Groleau
2002-05-03 16:21 ` Darren New
2002-05-06 15:33 ` Wes Groleau
2002-05-06 16:30 ` Darren New
2002-05-03 15:38 ` Wes Groleau
2002-05-03 16:07 ` Marin David Condic
2002-05-03 19:51 ` Randy Brukardt
2002-05-03 20:55 ` Ed Falis
2002-05-04 16:34 ` Brian Rogoff
2002-05-03 0:22 ` Chad R. Meiners
2002-05-03 0:48 ` Darren New
2002-05-03 12:11 ` Chad R. Meiners
2002-05-03 14:27 ` Marin David Condic
2002-05-04 0:23 ` Darren New
2002-05-06 17:54 ` Marin David Condic
2002-05-07 15:28 ` Darren New
2002-05-07 17:54 ` Chad R. Meiners
2002-05-03 14:01 ` Marin David Condic
2002-05-03 23:41 ` Gary Scott
2002-05-06 18:05 ` Marin David Condic
2002-05-01 14:19 ` Pascal Obry
2002-05-01 13:27 ` Marin David Condic
2002-05-01 14:28 ` Wes Groleau
2002-05-01 15:25 ` Marin David Condic
2002-05-02 15:51 ` Wes Groleau
2002-05-02 16:47 ` Gary Scott
2002-05-02 18:24 ` Preben Randhol
2002-05-02 18:48 ` Dan Nagle
2002-05-03 8:44 ` Preben Randhol
2002-05-03 10:17 ` Gary Scott
2002-05-03 10:48 ` Preben Randhol
2002-05-03 13:13 ` Gary Scott
2002-05-03 14:40 ` Preben Randhol
2002-05-03 14:32 ` Dan Nagle
2002-05-02 17:26 ` Larry Hazel
2002-05-02 18:12 ` Wes Groleau
2002-05-02 18:40 ` Preben Randhol
2002-05-02 21:54 ` Wes Groleau
2002-05-02 18:54 ` Gary Scott
2002-05-02 21:56 ` Wes Groleau
2002-05-26 17:56 ` Robert I. Eachus
2002-05-26 22:04 ` Brian Rogoff
2002-05-27 23:26 ` Robert I. Eachus
2002-05-28 15:26 ` Marin David Condic
2002-05-02 11:30 ` Larry Kilgallen
[not found] ` <3CCFD76A.A60BB9Organization: LJK Software <Sb8D81Zz$HcE@eisner.encompasserve.org>
2002-05-02 16:12 ` Darren New
2002-04-30 21:17 ` Jim Rogers
2002-04-30 21:30 ` Darren New
2002-05-07 12:17 ` Colin Paul Gloster
2002-05-07 22:11 ` Hyman Rosen
2002-04-30 15:39 ` Marin David Condic
2002-05-01 14:39 ` Wes Groleau
2002-05-01 15:42 ` Marin David Condic
2002-05-02 20:17 ` Jeffrey Carter
2002-05-03 14:40 ` Marin David Condic
2002-05-26 16:51 ` Robert I. Eachus
2002-05-28 15:16 ` Marin David Condic
2002-04-30 17:02 ` Chad R. Meiners
2002-04-30 17:27 ` Darren New
2002-04-30 20:15 ` Chad R. Meiners
2002-04-30 20:42 ` Marin David Condic
2002-05-02 12:00 ` Marc A. Criley
2002-05-02 15:20 ` Larry Kilgallen
2002-05-02 16:19 ` Darren New
2002-05-03 14:44 ` Marin David Condic
2002-04-30 21:40 ` Darren New
2002-04-30 21:43 ` tmoran
2002-04-30 22:38 ` Darren New
2002-04-30 18:04 ` Marin David Condic
2002-04-30 17:27 ` Jeffrey Carter
2002-04-30 17:35 ` Marc A. Criley
2002-05-01 4:01 ` Richard Riehle
2002-04-29 16:02 ` Marin David Condic
2002-05-01 0:31 ` dmjones
2002-05-01 8:05 ` Preben Randhol
2002-05-01 8:07 ` Preben Randhol
2002-05-01 14:32 ` Mike Silva
2002-05-01 15:52 ` Marin David Condic
2002-05-02 16:17 ` Wes Groleau
2002-05-02 18:53 ` tmoran
2002-05-02 18:58 ` Pat Rogers
2002-05-01 15:35 ` Jim Rogers
2002-05-01 16:17 ` Marin David Condic
2002-05-01 18:42 ` dmjones
2002-05-01 20:12 ` Dan Andreatta
2002-05-01 20:19 ` Darren New
2002-05-01 22:17 ` Jeffrey Carter
2002-05-02 16:18 ` Wes Groleau
2002-05-01 21:46 ` Larry Kilgallen
2002-05-01 22:21 ` Jeffrey Carter
2002-05-02 11:28 ` John English
2002-05-02 16:18 ` Darren New
2002-05-02 16:41 ` Larry Kilgallen
2002-05-02 18:28 ` Preben Randhol
2002-05-02 19:53 ` Larry Kilgallen
2002-05-03 12:12 ` Andrzej Filip
2002-05-03 10:14 ` Georg Bauhaus
2002-05-26 22:46 ` Robert I. Eachus
2002-05-27 8:10 ` Florian Weimer
2002-05-01 22:47 ` Jim Rogers
2002-05-01 16:32 ` Jeffrey Carter [this message]
2002-05-01 17:59 ` Marin David Condic
2002-05-01 19:08 ` Wes Groleau
2002-05-01 21:10 ` Brian Gaffney
2002-05-03 2:45 ` dmjones
2002-05-03 7:59 ` Martin Dowie
2002-05-03 8:43 ` Preben Randhol
2002-05-03 8:55 ` Martin Dowie
2002-05-03 8:51 ` Preben Randhol
-- strict thread matches above, loose matches on Subject: below --
2002-04-29 19:21 Beard, Frank [Contractor]
2002-04-29 20:15 ` dmjones
2002-04-29 23:26 Beard, Frank [Contractor]
2002-04-30 18:08 Beard, Frank [Contractor]
2002-05-01 11:07 ` David Gillon
2002-04-30 20:32 Beard, Frank [Contractor]
2002-04-30 21:34 Gralia, Mars J.
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox